Quitting the Legacy IP at Cisco Live Milan

It’s that time of the year again – time for some computer and human networking at Cisco Live Milan! This year I’m taking the unusual and somewhat risky step of blogging about the network infrastructure before the event. This is because we’re going to try something interesting for the networking folks. We are going to try and get rid of the Legacy IP, otherwise known as IPv4.

Before you get too worried – no, the dual stack network setup does not disappear. Lots of critical parts of our everyday lives still need the old and proven protocol to successfully operate, so removing it would be irresponsible to say the least. But some of you may be interested to try (in a controlled fashion) exactly how strong the ties to the old good legacy. If you are one of these people, this post is for you – because this blog entry is one of the few places, if not the only one, to find the IPv6-only SSID name and access credentials.

First of all, what’s the big deal with IPv6-only access network, wasn’t this tried before?

Sure, it is not all new. The first time we tried an IPv6-only network was at IPv6 World Congress conference in Paris, early spring 2012. We also had an IPv6-only SSID in one of the Cisco Live US conferences. We discovered that the subset of the operating systems that could successfully operate in this kind of environment was pretty small. But as time passed, evidence suggests the situation was slowly improving.

And indeed it was improving. In October 2013, I had the honor of being able to work with the RIPE67 conference organisers to setup an experimental SSID “IPV6ONLYEXP” which was running an IPv6-only access network with NAT64/DNS64. You can see the results here and download the presentation. You’ll find a mix of curious failures and what I consider to be a great success – roughly about 10% of the conference attendees had managed not only to connect to the network, but to stay using it for the entire time of the conference!

Based on this, we decided to repeat this experiment on a larger scale as the Cisco Live Milan network is about 10x the size (both in the number of WiFi endpoints connected and in the number of the access points). Similar to last year, we will have about 300 of them and this makes certain precautions a necessity.

As with any IPv6 deployment, it’s a delicate act: the user experience trumps everything else. The regular SSID will be available in both 5GHz and 2.4GHz spectra to make sure even the devices with 2.4GHz-only radios can connect. Depending on the local conditions, we may be forced to make the “IPV6ONLYEXP” SSID 5GHz-only, to save the scarce 2.4GHz capacity, to ensure that our experiment does not negatively impact any other users. In such an event 2.4GHz devices will not be able to see this SSID. However, a lot of the newer devices have the best chance of success using the IPV6ONLYEXP access network. Otherwise, bring your 5GHz USB WiFi adapter!

Another, related challenge may be in using the special code required to run high-density WiFi (“stadium” WiFi) for the densely filled areas like keynote area. To maximize the user experience here, we may have to fallback to Legacy IP. However, if you see the SSID advertised – go ahead and try to connect!

We will use WPA2-PSK authentication, with the passphrase of “iknowbesteffort”. This passphrase is a subtle way of getting your acknowledgement that you know it is an experiment (credits to Marco Hogewoning from RIPE for the creative use of the pre-shared passphrase as a EULA). The setup will be fairly classic, running SLAAC and using stateless DHCPv6 for the configuration of the DNS server. The DNS server will run DNS64, in order to use NAT64 to connect to the portions of the Legacy Internet that do not have IPv6 yet.

What do we expect to break?

Some of the devices may not be able to pick up the DNS server address using stateless DHCPv6 (if you have a MacOS X 10.6 and earlier for example) and/or require the IPv4 address in order to keep the connection alive. Some of you will remember, one of the times we experimented with “training wheels” IPv4 by distributing IPv4 addresses from 100.64.0.0/16 range, with an ACL on the first hop. We will not do it this year.

Other challenging areas are VPN and Voice/Video. For example, the native IPSec client on MacOS X will not be able to connect to the headend. On the other hand, some of the vendor-specific solutions might work fine
(e.g. Cisco AnyConnect works fine over IPv6-only connection, provided that you have enabled your headend with IPv6). SSH with port forwarding is also possible and works fine.

Of course, we are very keen to hear your experiences with various devices and apps. Tweet to me (@ayourtch) and include the hashtag of #IPV6ONLYEXP. Likewise, I will use this hashtag to broadcast announcements related to the operation of the IPv6-only SSID.

If you’d like to meet and talk live – pop by BRKRST-2304 (this year under its own number!). If you already saw my troubleshooting session from last year, check out my entirely new creation: BRKEWN-2666 about IPv6 and WiFi. There are a lot of opportunities to learn about IPv6 at the event, from the World of Solutions to panels, breakouts and more. Get all the details from Steve Simlo’s latest blog post: IPv6 is Everywhere at Cisco Live Milan!

I am looking forward at seeing you all and hope that the experience you get at Cisco Live Milan will help you to setup an IPv6-only experimental network back home, and make the hashtag #IPV6ONLYEXP a persistent phenomenon!

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.